我已经按照我在评论中链接的教程在我的服务器上设置了 Let's Encrypt(使用 nginx)。我还使用以下 DNS 设置设置了 CloudFlare:
https://i.stack.imgur.com/AV8lf.png
我的 nginx 配置如下:
server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
root /usr/share/nginx/html/public;
index index.php index.html index.htm;
server_name example.com www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ^~ /.well-known/ {
allow all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
如果我访问https://www.example.com
,网站加载正常。但是当我访问http://www.example.com
(非 HTTPS)时,它显示错误 522:
https://i.stack.imgur.com/iTJ5A.png
出了什么问题?我该如何修复?为什么我的重定向不起作用?
答案1
你读了...吗CloudFlare 的 522 连接超时指南? 您是否已将 SSL 设置为“完整 SSL”?对我来说,这符合页面规则,但可能存在全局设置。
答案2
检查 ec2 的入站防火墙规则 - 确保端口 80/443 已公开。
答案3
我认为您已经联系过 CloudFlare 的支持团队,对吗?
server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
}
您没有将 server_name 设置为服务 www.example.com,但在您的 HTTPS 示例中,您同时拥有 example.com 和 www.example.com
server {
listen 443 ssl;
root /usr/share/nginx/html/public;
index index.php index.html index.htm;
server_name example.com www.example.com;
...